Blog / Cybersecurity Training
Keeping User’s Cybersecurity Training Current is Critical
One of the most common reasons for an organization to invest in cybersecurity training is to meet insurance requirements. Unfortunately it’s also often the only reason, as outside of legislated compliance most organizations’ attitudes towards cybersecurity training seems to be that it’s not worth their time. But there’s an unspoken assumption which typically comes along with this attitude, and that’s that everyone in your organization isn’t just aware of things like phishing or other security threats in the wild, but that they also know how to detect and defeat them.
As you can likely guess by now though, to say such an assumption is untrue and even dangerous would be an understatement. Far too many users and organizational leaders place an undeserved amount of faith in technical controls, even going as far as assuming that every email in their inbox is safe just because their computer allowed it through whatever defenses are installed on their system. Of course, such behaviour on the part of everyday users is understandable to an extent, but it’s also behavior that’s well-known to attackers who, unlike everyday users, also know precisely how those computer defenses work and how to evade them.
This is why many times cybercriminals don’t target a system’s technical defenses, but the users who rely on them instead.
Cybersecurity Training for End Users
One thing to keep in mind is that firewalls, anti-malware software, spam filtering, and other technical controls are all computerized defenses, and computers are very good at doing exactly what they’re told to. But only that, and only precisely as programmed. On one hand that means they’re effective. On the other hand, though, it also means they’re predictable, and that means they should be considered your first line of defense against hackers, not your last.
And therein lies the reason why cybersecurity training for staff is so crucial for any organization, business, or municipality; your users are often your last line of defense against unwanted intrusions, and are even a point of vulnerability when it comes to socially engineered hacks, particularly if they haven’t been trained on how to detect and defend against them. In this light, it seems strange to not invest in inexpensive training that could save an organization from an expensive breach and help improve defenses. And yet, despite this, it seems like most organizations are happy to ignore training staff until it’s too late and they have to eat the costs of a pricy data breach their cyberinsurance won’t cover because their staff weren’t properly trained.
As part of our commitment to stress-free IT, TRINUS offers several free training resources for staff regarding topics of all kinds, including cybersecurity. For even more information about cybersecurity training for your staff, you can also contact us by email, or consult with a TRINUS cybersecurity professional directly by calling 1 (877) 489-9985.
This quote comes from Othello; ‘As, I confess, it is my nature’s plague To spy into abuses, and oft my jealousy Shapes faults that are not.’
Be kind to one another, courtesy your friendly neighbourhood cyber-man.
